Re: (preparing for)Pentesting firewall /Checkpoint box

[Matt Gardenghi <mtgarden () gmail com>]

It's pointless to secure a box just for the pentest.  Either secure it 
all the time or not.  Just tweaking things for a last minute scan is 
reminiscent of my style of room cleaning as a kid: hide things under the 
bed and in the closet so mom doesn't notice.  Things aren't cleaned and 
the problem exists, I just managed to get out of trouble during a 
specific inspection.  Not so helpful to the health of the organization.

The question you need to ask is this: How do I secure my boxes long 
term?  What is the best hardening procedure? Let's go from there.

pent 5971 wrote:
> Hi
>
> I would like to ask for your advice on something. Ill have a
> penetration test soon in the enterprise and im need of that nothing
> (configuration mistakes advices etc also) would be found on my
> Checkpoint R65 boxes (both on Windows and Secure Platform) . So what
> can you advice for me to prepare  and also how can i do a pentest to
> these boxes by myself?
>
> Thank you
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. 
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>
>   

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------